TAKE THE ARIAN CASPIAN DATA ROAD TO

Making Your Business Grow

July 11, 2024

Microsoft details ‘Skeleton Key’ AI jailbreak

Microsoft has disclosed a new type of AI jailbreak attack dubbed “Skeleton Key,” which can bypass responsible AI guardrails in multiple generative AI models. This technique, capable of subverting most safety measures built into AI systems, highlights the critical need for robust security measures across all layers of the AI stack.

The Skeleton Key jailbreak employs a multi-turn strategy to convince an AI model to ignore its built-in safeguards. Once successful, the model becomes unable to distinguish between malicious or unsanctioned requests and legitimate ones, effectively giving attackers full control over the AI’s output.

Microsoft’s research team successfully tested the Skeleton Key technique on several prominent AI models, including Meta’s Llama3-70b-instruct, Google’s Gemini Pro, OpenAI’s GPT-3.5 Turbo and GPT-4, Mistral Large, Anthropic’s Claude 3 Opus, and Cohere Commander R Plus.

All of the affected models complied fully with requests across various risk categories, including explosives, bioweapons, political content, self-harm, racism, drugs, graphic sex, and violence.

The attack works by instructing the model to augment its behaviour guidelines, convincing it to respond to any request for information or content while providing a warning if the output might be considered offensive, harmful, or illegal. This approach, known as “Explicit: forced instruction-following,” proved effective across multiple AI systems.

“In bypassing safeguards, Skeleton Key allows the user to cause the model to produce ordinarily forbidden behaviours, which could range from production of harmful content to overriding its usual decision-making rules,” explained Microsoft.

In response to this discovery, Microsoft has implemented several protective measures in its AI offerings, including Copilot AI assistants.

Microsoft says that it has also shared its findings with other AI providers through responsible disclosure procedures and updated its Azure AI-managed models to detect and block this type of attack using Prompt Shields.

To mitigate the risks associated with Skeleton Key and similar jailbreak techniques, Microsoft recommends a multi-layered approach for AI system designers:

  • Input filtering to detect and block potentially harmful or malicious inputs
  • Careful prompt engineering of system messages to reinforce appropriate behaviour
  • Output filtering to prevent the generation of content that breaches safety criteria
  • Abuse monitoring systems trained on adversarial examples to detect and mitigate recurring problematic content or behaviours

Microsoft has also updated its PyRIT (Python Risk Identification Toolkit) to include Skeleton Key, enabling developers and security teams to test their AI systems against this new threat.

The discovery of the Skeleton Key jailbreak technique underscores the ongoing challenges in securing AI systems as they become more prevalent in various applications.

AI News

Stay up-to-date with the latest developments in artificial intelligence, machine learning, and deep learning. Explore breakthroughs, research papers, industry applications, and ethical considerations related to AI. From neural networks to natural language processing, this category covers it all. Whether you’re a researcher, developer, or simply curious about the future of AI, you’ll find valuable insights here.

Software News

Stay up-to-date with the latest developments in ERP software, including trends, innovations, and industry insights. From cloud adoption to AI-enhanced solutions, this category covers it all. through these highlights :

  • latest developments in ERP software
  • trends & innovations
  • industry insights

HardWare News

Stay up to date with the latest hardware developments in the world.

Have questions or need assistance?

Feel free to reach out to our dedicated support team. We’re here to help!

Contact us For Info